/*******************************************************************************
 *
 * File Name:          AuthActivity.java
 *
 * Created:            2006-10-3 9:13:15
 *
 * Original Author:    yu.peng
 *
 *------------------------------------------------------------------------------
 * MODIFICATION HISTORY
 *------------------------------------------------------------------------------
 * WHEN                WHO                 WHY
 * 2006-10-3 9:13:15   yu.peng             new
 *------------------------------------------------------------------------------
 *
 ******************************************************************************/
/*******************/
/* PACKAGE SECTION */
/*******************/
package org.njo.webapp.root.model.activity;

import org.njo.webapp.root.model.RemoteUser;
import org.njo.webapp.root.model.dao.UsersDAO;
import org.njo.webapp.root.model.dao.Users_groupsDAO;
import org.njo.webapp.root.model.dao.Groups_rolesDAO;
import org.njo.webapp.root.model.dao.Users_rolesDAO;
import org.njo.webapp.root.utility.SystemContext;
import org.njo.webapp.root.utility.AuthenticateException;
import org.njo.webapp.root.utility.ObjectNotExistsException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.commons.lang.ArrayUtils;

import java.sql.SQLException;
import java.sql.Connection;

/**
 * 用于用户身份验证的模块.
 *
 * @author yu.peng
 * @version 0.01
 */
public class Authenticate {

    public static Log logger = LogFactory.getLog(Authenticate.class);

    /**
     * Login处理.
     * @param name
     * @param password
     * @param ipAddress
     * @return
     * @throws ObjectNotExistsException 用户不存在时
     * @throws AuthenticateException    密码错误时
     */
    public RemoteUser login(String name, String password, String ipAddress)
            throws ObjectNotExistsException, AuthenticateException {
        Connection connection = null;
        UsersDAO usersDAO = null;
        Users_groupsDAO users_groupsDAO = null;
        Groups_rolesDAO groups_rolesDAO = null;
        Users_rolesDAO users_rolesDAO = null;
        RemoteUser remoteUser = null;

        // open the database connection.
        try {
            connection = SystemContext.openConnection();
        } catch (Throwable tw) {
            logger.error(tw);
            throw new RuntimeException(tw);
        }

        try {
            // access the database.
            // call the DAO Object insert the record into DB.
            usersDAO = new UsersDAO(connection);
            users_groupsDAO = new Users_groupsDAO(connection);
            groups_rolesDAO = new Groups_rolesDAO(connection);
            users_rolesDAO = new Users_rolesDAO(connection);

            String[] user = usersDAO.auth(name);
            if (password==null || !password.equals(user[1])) {
                // 密码错误
                throw new AuthenticateException("password is wrong.");
            }

            String[] roles = new String[0];

            String[] u_roles = users_rolesDAO.getRoles(name);
            for (int i = 0; i < u_roles.length; i++) {
                String u_role = u_roles[i];
                if (!ArrayUtils.contains(roles, u_role)) {
                    roles = (String[]) ArrayUtils.add(roles, u_role);
                }
            }

            String[] u_groups = users_groupsDAO.getGroups(name);
            for (int i = 0; i < u_groups.length; i++) {
                String group = u_groups[i];
                String[] g_roles = groups_rolesDAO.getRoles(group);
                for (int i1 = 0; i1 < g_roles.length; i1++) {
                    String g_role = g_roles[i1];
                    if (!ArrayUtils.contains(roles, g_role)) {
                        roles = (String[]) ArrayUtils.add(roles, g_role);
                    }
                }
            }

            remoteUser = new RemoteUser();
            remoteUser.setName(user[0]);
            remoteUser.setPassword(user[1]);
            remoteUser.setRoles(roles);

        } catch (SQLException ex) {
            throw new RuntimeException(ex);
        } finally {
            try {
                if (connection != null) {
                    SystemContext.closeConnection(connection);
                }
            } catch (Throwable tw) {}
        }
        return remoteUser;
    }

    /**
     * @param remoteUser
     */
    public void logout(RemoteUser remoteUser) {

    }

}
